package cn.tradewin.advisor.pages;

import java.io.IOException;

import javax.validation.constraints.NotNull;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.tapestry5.PersistenceConstants;
import org.apache.tapestry5.alerts.AlertManager;
import org.apache.tapestry5.annotations.Component;
import org.apache.tapestry5.annotations.Import;
import org.apache.tapestry5.annotations.Persist;
import org.apache.tapestry5.annotations.Property;
import org.apache.tapestry5.corelib.components.Form;
import org.apache.tapestry5.ioc.Messages;
import org.apache.tapestry5.ioc.annotations.Inject;
import org.apache.tapestry5.ioc.annotations.Symbol;
import org.apache.tapestry5.services.Request;
import org.apache.tapestry5.services.RequestGlobals;
import org.apache.tapestry5.services.Response;
import org.slf4j.Logger;
import org.tynamo.security.SecuritySymbols;
import org.tynamo.security.internal.services.LoginContextService;
import org.tynamo.security.services.SecurityService;

@Import(stylesheet = { "css/font-awesome.css", "css/theme.css" })
public class login {
	
	@Property
	@NotNull
	@Persist(value = PersistenceConstants.FLASH)
	private String username;

	@Property
	@NotNull
	private String password;

	@Property
	private boolean rememberMe;

	@Component
	private Form loginForm;

	@Inject
	private Messages messages;
	
	@Inject
	private Request request;

	@Inject
	private Response response;
	
	@Inject
	private SecurityService securityService;
	
	@Inject
	private LoginContextService contextService;
	
	@Inject
	private AlertManager alertManager;
	
	@Inject
	private RequestGlobals requestGlobals;

	@Inject
	@Symbol(SecuritySymbols.REDIRECT_TO_SAVED_URL)
	private boolean redirectToSavedUrl;
	
	@Inject
	Logger log;

	public void onSubmit() throws IOException {
		String errorCode = null;
		try {
			Subject subject = securityService.getSubject();
			if (subject == null) {
				throw new IllegalStateException("Subject can't be null");
			}
			AuthenticationToken token = new UsernamePasswordToken(username, password, rememberMe);
			subject.login(token);
		} catch (UnknownAccountException e) {
			errorCode = "001";
		} catch (IncorrectCredentialsException e) {
			errorCode = "002";
		} catch (LockedAccountException lae) {
			errorCode = "003";
		}
		catch (DisabledAccountException lock) {
			errorCode = "004";
		}
		catch (ExcessiveAttemptsException excessive) {
			errorCode = "005";
		} 
		catch (AuthenticationException ex) {
			errorCode = "006";
		}
		if (!StringUtils.isEmpty(errorCode)) {
			alertManager.error(messages.get(errorCode));
			return;
		}
		contextService.redirectToSavedRequest("/"+contextService.getSuccessURL());
	}
}